<?php
if( empty( $_SESSION ))
{
	session_start();	
}
include_once("../models/cls.login.php");
$oLogin = new login();

function ataque( $string )
{
	$string = mysql_escape_string( $string );
	return $string;
}

if( ! empty( $_POST ) )
{
	$aDados = $oLogin->autenticar_usuario( ataque( $_POST["login"] ) , ataque( $_POST["senha"] ) );
	if( empty( $aDados ) )
	{
		?>
		<script>
			alert("Dados incorretos!");
			window.location.href = "../index.php";
		</script>
		<?php
	}
	else
	{
		//$oLogin->x( $aDados[0]["login"] );
		
		$_SESSION["login"] = $aDados[0]["login"];
		$_SESSION["nome"] = $aDados[0]["nome"];
		//header("location:../index.html");
		?>
		<script>
			window.location.href = "../index.html";
		</script>
		<?php
	}
}
?>